Re: Secdir Review of draft-ietf-netconf-rfc5539bis-092015-03-10 10:28:47"t" == t p <daedulus(_at_)btconnect(_dot_)com> writes: Well, I think you still need to answer questions like * Is it a fingerprint of the cert or the key? * Is the server expected to re-normalize the DER? Allowed to re-normalize the DER? So that the input to the hash is well specified. Several protocols within the IETF have taken on the challenge of describing how to fingerprint certificates. I think the document would be improved by picking one of these strategies.
|
|